Benefits and Purposes of the Network Connectivity Status Indicator

Windows Vista includes a feature called Network Connectivity Status Indicator (NCSI), which is part of a broader feature called Network Awareness. Network Awareness collects network connectivity information and makes it available through an application programming interface (API) to services and applications on a computer running Windows Vista. With this information, services and applications can filter networks (based on attributes and signatures) and choose the networks best suited to their tasks. Network Awareness notifies services and applications of changes in the network environment, thus enabling applications to dynamically update network connections.

Network Awareness collects network connectivity information such as the Domain Name System (DNS) suffix of the computer and the forest name and gateway address of networks that the computer connects to. When called on by Network Awareness, NCSI can add information about the following capabilities for a given network:

Connectivity to an intranet

Connectivity to the Internet (possibly including the ability to send a DNS query and obtain the correct resolution of a DNS name)

NCSI is designed to be responsive to network conditions, so it examines the connectivity of a network in a variety of ways. For example, NCSI tests connectivity by trying to connect to http://www.msftncsi.com, a simple Web site that exists only to support the functionality of NCSI.

Overview: Using NCSI in a Managed Environment

In a managed environment, you might choose to use NCSI because of the way it supports services and applications that require network connectivity. You can disable NCSI, however, by changing a registry setting.

How NCSI Communicates with a Site on the Internet

The following list describes how NCSI might communicate with a Web site to determine whether a network has Internet connectivity:

Specific information sent or received:

Type of Request that NCSI Sends

What NCSI Expects to Receives if Connectivity Exists

A request for http://www.msftncsi.com/ncsi.txt

Page called ncsi.txt containing the following line of text with no terminating new line or other non-printing characters:

Microsoft NCSI

(Page headers disable caching.)

A request for DNS name resolution of dns.msftncsi.com

Resolution of the DNS name to:

131.107.255.255

Default setting and ability to disable: By default, Network Awareness (which includes NCSI) is enabled. NCSI can be disabled by changing a registry setting.

Triggers: Network Awareness and its subfeatures gather information flexibly—that is, by using complex algorithms that respond to changing network conditions. This means that triggers can vary, but the following are examples of typical triggers that can cause NCSI to communicate across the Internet:

A user first logs on after the computer has been restarted

The computer connects to a different network

The computer is brought into a hot spot (public wireless access area) that requires sign-in

User notification: NCSI does not notify the user before attempting to collect information. It does notify the user or the application when there are changes in connectivity (for example, loss of Internet connectivity). Note that an application that uses NCSI can be written to include user notifications if appropriate to the design and function of the application.

Logging: NCSI does not log events in Event Viewer.

Encryption and storage: NCSI does not use encryption (both the requests it sends and the responses it receives are standardized, as shown in the table earlier in this subsection). IIS logs are stored on the server at www.msftncsi.com. These logs contain the time of each access and the IP address recorded for that access. These IP addresses are not used to identify users, and in many cases, they are the address of a network address translation (NAT) computer or proxy server, not a specific client behind that NAT computer or proxy server.

Privacy: The privacy statement for Network Awareness (which includes NCSI) is on the Microsoft Web site at:

Controlling Communication Between NCSI and a Site on the Internet

You can prevent NCSI from connecting to http://www.msftncsi.com by setting a registry key. The following subsections provide more information.

How Preventing NCSI from Communicating Across the Internet Can Affect Users and Applications

If you set a registry key to prevent NCSI from connecting to http://www.msftncsi.com, applications that perform checks for the existence of Internet connectivity might work more slowly. Also, if a computer running Windows Vista is brought into a hot spot that requires sign-in, the computer might not detect the hot spot.

Procedures for Controlling Communication Between NCSI and a Site on the Internet

The following procedure describes how to change a registry setting that prevents NCSI from communicating across the Internet.

To Prevent NCSI from Communicating Across the Internet by Changing a Registry Setting

For best results, close all programs on the computer on which you are changing the registry setting.

To open a command prompt as an administrator, click Start, point to All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.

If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.

Type:

regedit

Caution

Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data on the computer. You can also use the Last Known Good Configuration startup option if you encounter problems after manual changes have been applied.